Unintended Environment Variable Disclosure in HashiCorp Nomad Template Rendering (GHSA-6hv3-7c34-4hx8)
CVE-2019-14802 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template.
Learn more about our Web Application Penetration Testing UK.